[PATCH] fuzz: disable tcg for OSS-Fuzz builds

Alexander Bulekov posted 1 patch 1 week, 2 days ago
Posted by Alexander Bulekov 1 week, 2 days ago
OSS-Fuzz builds have been failing due to some strange issues that seem
to be related to color codes from libffi:
https://oss-fuzz-build-logs.storage.googleapis.com/log-8d5435ee-1677-40af-9656-b4162fa881e1.txt

Disable tcg to disable libffi.

Signed-off-by: Alexander Bulekov <alxndr@bu.edu>
---
 scripts/oss-fuzz/build.sh | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/scripts/oss-fuzz/build.sh b/scripts/oss-fuzz/build.sh
index 7398298173..095f7a90e3 100755
--- a/scripts/oss-fuzz/build.sh
+++ b/scripts/oss-fuzz/build.sh
@@ -65,7 +65,7 @@ mkdir -p "$DEST_DIR/lib/"  # Copy the shared libraries here
 # Build once to get the list of dynamic lib paths, and copy them over
 ../configure --disable-werror --cc="$CC" --cxx="$CXX" --enable-fuzzing \
     --prefix="/opt/qemu-oss-fuzz" \
-    --extra-cflags="$EXTRA_CFLAGS" --target-list="i386-softmmu"
+    --extra-cflags="$EXTRA_CFLAGS" --target-list="i386-softmmu" --disable-tcg
 
 if ! make "-j$(nproc)" qemu-fuzz-i386; then
     fatal "Build failed. Please specify a compiler with fuzzing support"\
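Review bot: the commit message justifies this --disable-tcg with a libffi colour-code failure, but this configure line only governs QEMU's own build and cannot affect a failure that occurs while glib is being built beforehand (Paolo's reading of the linked log), so the rationale needs rewriting. The reason the flag is safe, that the fuzzers exercise device models through the qtest accelerator and never run guest code, should be stated in the commit message as Philippe asked, with the smaller fuzzing binary as the benefit. Note also that with TCG off the i386-softmmu target still has to satisfy the build system's accelerator check (the quoted "No accelerator available for target" error), which here relies on KVM staying enabled in this same invocation; worth a sentence so nobody later adds --disable-kvm to this line.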
@@ -83,7 +83,7 @@ if [ "$GITLAB_CI" != "true" ]; then
     ../configure --disable-werror --cc="$CC" --cxx="$CXX" --enable-fuzzing \
         --prefix="/opt/qemu-oss-fuzz" \
         --extra-cflags="$EXTRA_CFLAGS" --extra-ldflags="-Wl,-rpath,\$ORIGIN/lib" \
-        --target-list="i386-softmmu"
+        --target-list="i386-softmmu" --disable-tcg
     make "-j$(nproc)" qemu-fuzz-i386 V=1
 fi
 
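Review bot: this second configure invocation now repeats the option added to the first, and the two lines have already drifted (only this one passes --extra-ldflags="-Wl,-rpath,\$ORIGIN/lib"), so the next flag is likely to be added to one and forgotten in the other. Consider collecting the shared options once, for example in a variable such as CONFIGURE_FLAGS="--disable-werror --enable-fuzzing --disable-tcg" expanded by both calls; that keeps this build in step with the first one, whose comment says its purpose is to collect the dynamic library list that this build is expected to match.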
-- 
2.45.2
Re: [PATCH] fuzz: disable tcg for OSS-Fuzz builds
Posted by Philippe Mathieu-Daudé 1 week, 2 days ago
On 13/11/24 16:37, Alexander Bulekov wrote:
> OSS-Fuzz builds have been failing due to some strange issues that seem
> to be related to color codes from libffi:
> https://oss-fuzz-build-logs.storage.googleapis.com/log-8d5435ee-1677-40af-9656-b4162fa881e1.txt
> 
> Disable tcg to disable libffi.
> 
> Signed-off-by: Alexander Bulekov <alxndr@bu.edu>
> ---
>   scripts/oss-fuzz/build.sh | 4 ++--
>   1 file changed, 2 insertions(+), 2 deletions(-)
> 
> diff --git a/scripts/oss-fuzz/build.sh b/scripts/oss-fuzz/build.sh
> index 7398298173..095f7a90e3 100755
> --- a/scripts/oss-fuzz/build.sh
> +++ b/scripts/oss-fuzz/build.sh
> @@ -65,7 +65,7 @@ mkdir -p "$DEST_DIR/lib/"  # Copy the shared libraries here
>   # Build once to get the list of dynamic lib paths, and copy them over
>   ../configure --disable-werror --cc="$CC" --cxx="$CXX" --enable-fuzzing \
>       --prefix="/opt/qemu-oss-fuzz" \
> -    --extra-cflags="$EXTRA_CFLAGS" --target-list="i386-softmmu"
> +    --extra-cflags="$EXTRA_CFLAGS" --target-list="i386-softmmu" --disable-tcg

IIUC we are using the QTest 'software [un]accelerator' to fuzz via I/O,
right?
Then maybe we can disable all accelerators to speed up build. But please
mention it in the commit description.

Regards,

Phil.
Re: [PATCH] fuzz: disable tcg for OSS-Fuzz builds
Posted by Alexander Bulekov 1 week, 2 days ago
On 241113 2040, Philippe Mathieu-Daudé wrote:
> On 13/11/24 16:37, Alexander Bulekov wrote:
> > OSS-Fuzz builds have been failing due to some strange issues that seem
> > to be related to color codes from libffi:
> > https://oss-fuzz-build-logs.storage.googleapis.com/log-8d5435ee-1677-40af-9656-b4162fa881e1.txt
> > 
> > Disable tcg to disable libffi.
> > 
> > Signed-off-by: Alexander Bulekov <alxndr@bu.edu>
> > ---
> >   scripts/oss-fuzz/build.sh | 4 ++--
> >   1 file changed, 2 insertions(+), 2 deletions(-)
> > 
> > diff --git a/scripts/oss-fuzz/build.sh b/scripts/oss-fuzz/build.sh
> > index 7398298173..095f7a90e3 100755
> > --- a/scripts/oss-fuzz/build.sh
> > +++ b/scripts/oss-fuzz/build.sh
> > @@ -65,7 +65,7 @@ mkdir -p "$DEST_DIR/lib/"  # Copy the shared libraries here
> >   # Build once to get the list of dynamic lib paths, and copy them over
> >   ../configure --disable-werror --cc="$CC" --cxx="$CXX" --enable-fuzzing \
> >       --prefix="/opt/qemu-oss-fuzz" \
> > -    --extra-cflags="$EXTRA_CFLAGS" --target-list="i386-softmmu"
> > +    --extra-cflags="$EXTRA_CFLAGS" --target-list="i386-softmmu" --disable-tcg
> 
> IIUC we are using the QTest 'software [un]accelerator' to fuzz via I/O,
> right?
> Then maybe we can disable all accelerators to speed up build. But please
> mention it in the commit description.
> 

That would be nice, but needs some changes to meson.build, which doesn't
treat qtest as a real accelerator and will complain if building w/o tcg
and kvm:
error('No accelerator available for target @0@'.format(target))


> Regards,
> 
> Phil.
Re: [PATCH] fuzz: disable tcg for OSS-Fuzz builds
Posted by Philippe Mathieu-Daudé 1 week, 2 days ago
On 13/11/24 20:02, Alexander Bulekov wrote:
> On 241113 2040, Philippe Mathieu-Daudé wrote:
>> On 13/11/24 16:37, Alexander Bulekov wrote:
>>> OSS-Fuzz builds have been failing due to some strange issues that seem
>>> to be related to color codes from libffi:
>>> https://oss-fuzz-build-logs.storage.googleapis.com/log-8d5435ee-1677-40af-9656-b4162fa881e1.txt
>>>
>>> Disable tcg to disable libffi.
>>>
>>> Signed-off-by: Alexander Bulekov <alxndr@bu.edu>
>>> ---
>>>    scripts/oss-fuzz/build.sh | 4 ++--
>>>    1 file changed, 2 insertions(+), 2 deletions(-)
>>>
>>> diff --git a/scripts/oss-fuzz/build.sh b/scripts/oss-fuzz/build.sh
>>> index 7398298173..095f7a90e3 100755
>>> --- a/scripts/oss-fuzz/build.sh
>>> +++ b/scripts/oss-fuzz/build.sh
>>> @@ -65,7 +65,7 @@ mkdir -p "$DEST_DIR/lib/"  # Copy the shared libraries here
>>>    # Build once to get the list of dynamic lib paths, and copy them over
>>>    ../configure --disable-werror --cc="$CC" --cxx="$CXX" --enable-fuzzing \
>>>        --prefix="/opt/qemu-oss-fuzz" \
>>> -    --extra-cflags="$EXTRA_CFLAGS" --target-list="i386-softmmu"
>>> +    --extra-cflags="$EXTRA_CFLAGS" --target-list="i386-softmmu" --disable-tcg
>>
>> IIUC we are using the QTest 'software [un]accelerator' to fuzz via I/O,
>> right?
>> Then maybe we can disable all accelerators to speed up build. But please
>> mention it in the commit description.
>>
> 
> That would be nice, but needs some changes to meson.build, which doesn't
> treat qtest as a real accelerator and will complain if building w/o tcg
> and kvm:
> error('No accelerator available for target @0@'.format(target))

We need to start with the binary using '-accel qtest', not "pick any
available accelerator randomly".
Re: [PATCH] fuzz: disable tcg for OSS-Fuzz builds
Posted by Paolo Bonzini 1 week, 2 days ago
On Wed, Nov 13, 2024 at 5:38 PM Alexander Bulekov <alxndr@bu.edu> wrote:
>
> OSS-Fuzz builds have been failing due to some strange issues that seem
> to be related to color codes from libffi:
> https://oss-fuzz-build-logs.storage.googleapis.com/log-8d5435ee-1677-40af-9656-b4162fa881e1.txt

Hmm... unqueuing this :)

In this log, the error happens even before QEMU starts to build. It's
glib that is being built here, and it's failing because apparently the
compiler does not support -fcolor-diagnostics.

I can't exclude that the same error would happen with QEMU, but this
patch won't help this particular log.

Where is the Dockerfile that's being used?

Paolo
Re: [PATCH] fuzz: disable tcg for OSS-Fuzz builds
Posted by Alexander Bulekov 1 week, 2 days ago
On 241113 1928, Paolo Bonzini wrote:
> On Wed, Nov 13, 2024 at 5:38 PM Alexander Bulekov <alxndr@bu.edu> wrote:
> >
> > OSS-Fuzz builds have been failing due to some strange issues that seem
> > to be related to color codes from libffi:
> > https://oss-fuzz-build-logs.storage.googleapis.com/log-8d5435ee-1677-40af-9656-b4162fa881e1.txt
> 
> Hmm... unqueuing this :)
> 
> In this log, the error happens even before QEMU starts to build. It's
> glib that is being built here, and it's failing because apparently the
> compiler does not support -fcolor-diagnostics.
> 
> I can't exclude that the same error would happen with QEMU, but this
> patch won't help this particular log.
> 
> Where is the Dockerfile that's being used?

https://github.com/google/oss-fuzz/blob/master/projects/qemu/Dockerfile

Thanks for catching that... I will try to run the docker build locally.
Probably makes sense to mimic what the glib people are doing:
https://github.com/google/oss-fuzz/tree/30da5abe5cd004e8a2f8c92923375d43b4d8a5c7/projects/glib
Their builds aren't failing. (I do still think it makes sense to build
w/o tcg to reduce the fuzzing binary size).

> 
> Paolo
>
Re: [PATCH] fuzz: disable tcg for OSS-Fuzz builds
Posted by Paolo Bonzini 1 week, 2 days ago
On Wed, Nov 13, 2024 at 7:35 PM Alexander Bulekov <alxndr@bu.edu> wrote:
> > Where is the Dockerfile that's being used?
>
> https://github.com/google/oss-fuzz/blob/master/projects/qemu/Dockerfile
>
> Thanks for catching that... I will try to run the docker build locally.

You can add -Db_colorout=disabled to both glib's "meson setup" line
and scripts/oss-fuzz/build.sh if you can reproduce that.

> Probably makes sense to mimick what the glib people are doing:
> https://github.com/google/oss-fuzz/tree/30da5abe5cd004e8a2f8c92923375d43b4d8a5c7/projects/glib
> Their builds aren't failing. (I do still think it makes sense to build
> w/o tcg to reduce the fuzzing binary size).

Yes, that's true.

Paolo
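Paolo's diagnosis (the compiler rejecting -fcolor-diagnostics while glib is being built) and his -Db_colorout=disabled suggestion can be turned into a probe instead of a hard-coded override. The following shell snippet is an added example, not code from this thread, from scripts/oss-fuzz/build.sh or from the OSS-Fuzz Dockerfile: it compiles an empty translation unit with the flag under test and derives the meson option from the result. The function names cc_accepts_flag and meson_color_option are the example's own; it assumes the compiler is reachable as $CC and that meson's b_colorout option takes the values auto, always, never and disabled.

```shell
#!/bin/sh
# Added example: probe whether a compiler accepts a diagnostic flag and pick
# the matching meson b_colorout setting. Not part of the QEMU or glib build.

# cc_accepts_flag COMPILER FLAG
# Returns 0 when COMPILER compiles an empty translation unit with FLAG,
# 1 when the compiler is missing or rejects the flag. -Werror turns a
# "unrecognized option" warning into a failure so gcc and clang behave alike.
cc_accepts_flag() {
    cc="$1"
    flag="$2"
    command -v "$cc" >/dev/null 2>&1 || return 1
    tmp=$(mktemp -d) || return 1
    printf 'int main(void) { return 0; }\n' > "$tmp/probe.c"
    if "$cc" -Werror "$flag" -c "$tmp/probe.c" -o "$tmp/probe.o" \
        >/dev/null 2>&1; then
        rc=0
    else
        rc=1
    fi
    rm -rf "$tmp"
    return $rc
}

# meson_color_option COMPILER
# Prints the meson option to pass to "meson setup": colour output stays on
# automatic detection when the compiler understands -fcolor-diagnostics,
# and is disabled outright when it does not (the failure mode in the log).
meson_color_option() {
    if cc_accepts_flag "$1" -fcolor-diagnostics; then
        echo "-Db_colorout=auto"
    else
        echo "-Db_colorout=disabled"
    fi
}

# Usage in a build script (hypothetical glib configure step):
#   meson setup "$(meson_color_option "${CC:-cc}")" _build
```

The probe runs the real compiler rather than pattern-matching its name, so a clang that happens to be older or a gcc masquerading as cc is handled by what it actually accepts.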
Re: [PATCH] fuzz: disable tcg for OSS-Fuzz builds
Posted by Paolo Bonzini 1 week, 2 days ago
Queued, thanks.

Paolo